Files
|
File Path
|
Type
|
Category
|
Malicious
|
|
|---|---|---|---|---|
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5928_1378858898\LICENSE
|
ASCII text
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5928_1378858898\_metadata\verified_contents.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5928_1378858898\manifest.fingerprint
|
ASCII text, with no line terminators
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5928_1378858898\manifest.json
|
JSON data
|
dropped
|
||
|
C:\Windows\SystemTemp\chrome_PuffinComponentUnpacker_BeginUnzipping5928_1378858898\sets.json
|
JSON data
|
dropped
|
||
|
Chrome Cache Entry: 121
|
ASCII text, with very long lines (2609)
|
downloaded
|
||
|
Chrome Cache Entry: 122
|
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 123
|
gzip compressed data, last modified: Thu Mar 21 14:06:13 2024, max compression, from Unix, original size modulo 2^32 1859753
|
downloaded
|
||
|
Chrome Cache Entry: 124
|
ASCII text, with very long lines (3975), with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 125
|
gzip compressed data, last modified: Wed Jul 12 07:42:38 2023, max compression, from Unix, original size modulo 2^32 135005
|
downloaded
|
||
|
Chrome Cache Entry: 126
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 127
|
gzip compressed data, last modified: Tue Dec 19 12:49:46 2023, max compression, from Unix, original size modulo 2^32 133640
|
downloaded
|
||
|
Chrome Cache Entry: 128
|
ASCII text, with no line terminators
|
downloaded
|
||
|
Chrome Cache Entry: 129
|
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
|
downloaded
|
||
|
Chrome Cache Entry: 130
|
gzip compressed data, last modified: Thu Mar 21 14:06:13 2024, max compression, from Unix, original size modulo 2^32 1859753
|
dropped
|
||
|
Chrome Cache Entry: 131
|
ASCII text, with very long lines (2609)
|
dropped
|
||
|
Chrome Cache Entry: 132
|
gzip compressed data, last modified: Wed Jul 12 07:42:38 2023, max compression, from Unix, original size modulo 2^32 135005
|
dropped
|
||
|
Chrome Cache Entry: 133
|
gzip compressed data, last modified: Mon Dec 12 03:50:12 2022, max compression, from Unix, original size modulo 2^32 53127
|
downloaded
|
||
|
Chrome Cache Entry: 134
|
gzip compressed data, last modified: Wed Apr 17 09:51:07 2024, max compression, from Unix, original size modulo 2^32 176393
|
dropped
|
||
|
Chrome Cache Entry: 135
|
gzip compressed data, last modified: Wed Apr 17 09:51:07 2024, max compression, from Unix, original size modulo 2^32 176393
|
downloaded
|
||
|
Chrome Cache Entry: 136
|
PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced
|
dropped
|
||
|
Chrome Cache Entry: 137
|
HTML document, ASCII text, with very long lines (515)
|
downloaded
|
||
|
Chrome Cache Entry: 138
|
ASCII text, with very long lines (3975), with no line terminators
|
dropped
|
There are 14 hidden files, click here to show them.
Processes
|
Path
|
Cmdline
|
Malicious
|
|
|---|---|---|---|
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US
--service-sandbox-type=none --mojo-platform-channel-handle=2040 --field-trial-handle=1996,i,10796994837371827411,2708721533245210862,262144
--disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction
/prefetch:8
|
||
|
C:\Program Files\Google\Chrome\Application\chrome.exe
|
"C:\Program Files\Google\Chrome\Application\chrome.exe" "https://darwynnfulfillment.freshdesk.com/register/Xo7ehwav33TcneRvnq7"
|
URLs
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
https://darwynnfulfillment.freshdesk.com/register/Xo7ehwav33TcneRvnq7
|
|||
|
https://wieistmeineip.de
|
unknown
|
||
|
https://mercadoshops.com.co
|
unknown
|
||
|
https://gliadomain.com
|
unknown
|
||
|
https://poalim.xyz
|
unknown
|
||
|
https://assets7.freshdesk.com/assets/cdn/workspace-96a5fb99fb057eca9b52625363cee919740c8fc4623b7660b
|
unknown
|
||
|
https://mercadolivre.com
|
unknown
|
||
|
https://reshim.org
|
unknown
|
||
|
https://nourishingpursuits.com
|
unknown
|
||
|
https://medonet.pl
|
unknown
|
||
|
https://unotv.com
|
unknown
|
||
|
https://mercadoshops.com.br
|
unknown
|
||
|
https://joyreactor.cc
|
unknown
|
||
|
https://zdrowietvn.pl
|
unknown
|
||
|
https://assets5.freshdesk.com
|
unknown
|
||
|
https://johndeere.com
|
unknown
|
||
|
https://songstats.com
|
unknown
|
||
|
https://baomoi.com
|
unknown
|
||
|
https://supereva.it
|
unknown
|
||
|
https://elfinancierocr.com
|
unknown
|
||
|
https://assets7.freshdesk.com/assets/cdn/workspace-96a5fb99fb057eca9b52625363cee919740c8fc4623b7660b1f64384ab5de640.js
|
52.222.225.5
|
||
|
https://bolasport.com
|
unknown
|
||
|
https://rws1nvtvt.com
|
unknown
|
||
|
https://desimartini.com
|
unknown
|
||
|
https://hearty.app
|
unknown
|
||
|
https://hearty.gift
|
unknown
|
||
|
https://mercadoshops.com
|
unknown
|
||
|
https://heartymail.com
|
unknown
|
||
|
https://nlc.hu
|
unknown
|
||
|
https://p106.net
|
unknown
|
||
|
https://radio2.be
|
unknown
|
||
|
https://finn.no
|
unknown
|
||
|
https://hc1.com
|
unknown
|
||
|
https://kompas.tv
|
unknown
|
||
|
https://mystudentdashboard.com
|
unknown
|
||
|
https://songshare.com
|
unknown
|
||
|
https://smaker.pl
|
unknown
|
||
|
https://mercadopago.com.mx
|
unknown
|
||
|
https://p24.hu
|
unknown
|
||
|
https://talkdeskqaid.com
|
unknown
|
||
|
https://24.hu
|
unknown
|
||
|
https://mercadopago.com.pe
|
unknown
|
||
|
https://cardsayings.net
|
unknown
|
||
|
https://text.com
|
unknown
|
||
|
https://mightytext.net
|
unknown
|
||
|
https://pudelek.pl
|
unknown
|
||
|
https://hazipatika.com
|
unknown
|
||
|
https://joyreactor.com
|
unknown
|
||
|
https://cookreactor.com
|
unknown
|
||
|
https://wildixin.com
|
unknown
|
||
|
https://eworkbookcloud.com
|
unknown
|
||
|
https://cognitiveai.ru
|
unknown
|
||
|
https://nacion.com
|
unknown
|
||
|
https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/153006261801/fav_icon/FySB4N0Dof4unBE7hZXBHx8yOpu64TWbMw.png
|
3.5.21.134
|
||
|
https://chennien.com
|
unknown
|
||
|
https://drimer.travel
|
unknown
|
||
|
https://deccoria.pl
|
unknown
|
||
|
https://mercadopago.cl
|
unknown
|
||
|
https://talkdeskstgid.com
|
unknown
|
||
|
https://naukri.com
|
unknown
|
||
|
https://interia.pl
|
unknown
|
||
|
https://bonvivir.com
|
unknown
|
||
|
https://carcostadvisor.be
|
unknown
|
||
|
https://salemovetravel.com
|
unknown
|
||
|
https://sapo.io
|
unknown
|
||
|
https://wpext.pl
|
unknown
|
||
|
https://welt.de
|
unknown
|
||
|
https://poalim.site
|
unknown
|
||
|
https://drimer.io
|
unknown
|
||
|
https://infoedgeindia.com
|
unknown
|
||
|
https://blackrockadvisorelite.it
|
unknown
|
||
|
https://cognitive-ai.ru
|
unknown
|
||
|
https://cafemedia.com
|
unknown
|
||
|
https://graziadaily.co.uk
|
unknown
|
||
|
https://thirdspace.org.au
|
unknown
|
||
|
https://mercadoshops.com.ar
|
unknown
|
||
|
https://smpn106jkt.sch.id
|
unknown
|
||
|
https://elpais.uy
|
unknown
|
||
|
https://landyrev.com
|
unknown
|
||
|
https://the42.ie
|
unknown
|
||
|
https://commentcamarche.com
|
unknown
|
||
|
https://tucarro.com.ve
|
unknown
|
||
|
https://rws3nvtvt.com
|
unknown
|
||
|
https://eleconomista.net
|
unknown
|
||
|
https://helpdesk.com
|
unknown
|
||
|
https://mercadolivre.com.br
|
unknown
|
||
|
https://s3.amazonaws.com/cdn.freshdesk.com/data/helpdesk/attachments/production/153006261799/logo/ZV
|
unknown
|
||
|
https://assets8.freshdesk.com/assets/cdn/defaults-be9795ecc546fd0e9fbe525c6f1d020d0bd6e8edaaf3c12fe4f1a49a1f761c09.js
|
52.222.225.5
|
||
|
https://clmbtech.com
|
unknown
|
||
|
https://standardsandpraiserepurpose.com
|
unknown
|
||
|
https://07c225f3.online
|
unknown
|
||
|
https://salemovefinancial.com
|
unknown
|
||
|
https://mercadopago.com.br
|
unknown
|
||
|
https://commentcamarche.net
|
unknown
|
||
|
https://etfacademy.it
|
unknown
|
||
|
https://mighty-app.appspot.com
|
unknown
|
||
|
https://hj.rs
|
unknown
|
||
|
https://hearty.me
|
unknown
|
||
|
https://mercadolibre.com.gt
|
unknown
|
||
|
https://timesinternet.in
|
unknown
|
||
|
https://indiatodayne.in
|
unknown
|
There are 90 hidden URLs, click here to show them.
Domains
|
Name
|
IP
|
Malicious
|
|
|---|---|---|---|
|
darwynnfulfillment.freshdesk.com
|
54.85.43.134
|
||
|
assets8.freshdesk.com
|
52.222.225.5
|
||
|
s3.amazonaws.com
|
3.5.21.134
|
||
|
assets7.freshdesk.com
|
52.222.225.5
|
||
|
assets10.freshdesk.com
|
52.222.225.5
|
||
|
cdnjs.cloudflare.com
|
104.17.25.14
|
||
|
assets2.freshdesk.com
|
52.222.225.5
|
||
|
s-part-0017.t-0009.t-msedge.net
|
13.107.246.45
|
||
|
www.google.com
|
142.250.185.132
|
||
|
assets1.freshdesk.com
|
18.239.81.5
|
||
|
fp2e7a.wpc.phicdn.net
|
192.229.221.95
|
There are 1 hidden domains, click here to show them.
IPs
|
IP
|
Domain
|
Country
|
Malicious
|
|
|---|---|---|---|---|
|
104.17.24.14
|
unknown
|
United States
|
||
|
52.222.225.5
|
assets8.freshdesk.com
|
United States
|
||
|
54.85.43.134
|
darwynnfulfillment.freshdesk.com
|
United States
|
||
|
142.250.185.132
|
www.google.com
|
United States
|
||
|
192.168.2.4
|
unknown
|
unknown
|
||
|
3.5.21.134
|
s3.amazonaws.com
|
United States
|
||
|
239.255.255.250
|
unknown
|
Reserved
|
||
|
52.217.140.136
|
unknown
|
United States
|
||
|
18.245.195.5
|
unknown
|
United States
|
||
|
104.17.25.14
|
cdnjs.cloudflare.com
|
United States
|
||
|
18.239.81.5
|
assets1.freshdesk.com
|
United States
|
There are 1 hidden IPs, click here to show them.
DOM / HTML
|
URL
|
Malicious
|
|
|---|---|---|
|
https://darwynnfulfillment.freshdesk.com/register/Xo7ehwav33TcneRvnq7
|
||
|
https://darwynnfulfillment.freshdesk.com/register/Xo7ehwav33TcneRvnq7
|